Date: Sun, 29 Nov 1998 15:09:48 -0500 From: Adam Shostack <adam@homeport.org> To: Robert Watson <robert+freebsd@cyrus.watson.org>, CyberPsychotic <fygrave@tigerteam.net> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Detecting remote host type and so on.. Message-ID: <19981129150948.A18609@weathership.homeport.org> In-Reply-To: <Pine.BSF.3.96.981128163124.2929D-100000@fledge.watson.org>; from Robert Watson on Sat, Nov 28, 1998 at 04:35:27PM -0500 References: <Pine.LNX.4.05.9811281331240.4308-100000@gizmo.kyrnet.kg> <Pine.BSF.3.96.981128163124.2929D-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Nov 28, 1998 at 04:35:27PM -0500, Robert Watson wrote: | On Sat, 28 Nov 1998, CyberPsychotic wrote: | | > Hello people, | > This is probably abit offtopic, but anyway, That is not good when someone | > could figure out what platform you're running your Apache on. Recently I | > checked site http://www.netcraft.com which could tell you what server and | > on what platform you're running. They don't provide source for the code, | > so I just put my sniffer on, and pushed the button (they have webform) to | > see what that will do. All that box did, was a connection to my 80 port | > and issuing command HEAD / HTTP/1.0. All what comes for responce is: | | As far as I can tell, it is almost impossible to disguise the operating | system that you are running. Most platforms display distinctive banners, | have quirks in their IP implementation, or just made different design | choices that may be distinguished remotely (for example, choices about | timeouts, fragmentation issues, etc). While you can attempt to hide the Two tools that do this are queso (at Apostools.org, if memory serves), and nmap2 (currently in closed beta.) Also, Tony Osborne has been working on a paper based on ICMP differences. Adam -- "It is seldom that liberty of any kind is lost all at once." -Hume To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19981129150948.A18609>